12624a1ef6514b69710663ee1eda14c0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

12624a1ef6514b69710663ee1eda14c0_NeikiAnalytics
Size

379KB
MD5

12624a1ef6514b69710663ee1eda14c0
SHA1

9d0bbdc1e435279da7bc2251e30e5f38704b5342
SHA256

96a14144e4b74735fd508a6831fa15a0df591785cc55049ba2ee687bdbbf537d
SHA512

a43a674b83e73df12220f00f7cabdeaaa4ebdcdd19ce15ae5b5b22276d6e43b03a7fd3effb2242b98a9666260d0da88fcbe5ef2d24889f97b05781df0f1eff9c
SSDEEP

6144:NUUEKBuY6mtGkF77dADXQZXlELFv3tB5tq1ULlY3ERiyTOjPOoLyuYB:NUU/BuHVDXQZXCB3tBK1U/iyqPviB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12624a1ef6514b69710663ee1eda14c0_NeikiAnalytics

Files

12624a1ef6514b69710663ee1eda14c0_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

5538f56c36980abf166fab7815dbcb59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
CM_Get_DevNode_Status
CM_Get_Child
CM_Get_Parent
CM_Get_Device_IDW
SetupDiGetDeviceRegistryPropertyW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiEnumDeviceInfo
SetupDiClassGuidsFromNameW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

shlwapi

PathFindFileNameW
PathFindExtensionW
SHGetValueW
PathRemoveFileSpecW
SHSetValueW
StrStrIW

ole32

CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitializeEx
CoSetProxyBlanket

wtsapi32

WTSQueryUserToken

rpcrt4

RpcServerUseProtseqW
RpcServerRegisterIf
RpcServerInqBindings
RpcEpRegisterW
RpcServerRegisterAuthInfoW
RpcServerListen
RpcEpUnregister
RpcBindingVectorFree
NdrServerCall2
RpcMgmtStopServerListening

iphlpapi

FreeMibTable
GetIfTable2

kernel32

SetLastError
FindClose
FindNextFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
GetProcAddress
GetModuleHandleW
FreeLibrary
lstrcmpW
InterlockedExchange
CompareStringA
LoadLibraryW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
GlobalAddAtomW
GlobalGetAtomNameW
GetVersionExA
LoadLibraryA
CompareStringW
GlobalFindAtomW
FormatMessageW
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrlenA
WritePrivateProfileStringW
GlobalFlags
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetFullPathNameW
SetErrorMode
GetStartupInfoW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GlobalAlloc
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
LCMapStringA
GetCurrentDirectoryA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetDriveTypeA
SetEnvironmentVariableA
DeviceIoControl
GetLocaleInfoW
InterlockedDecrement
GetCurrentThreadId
CreateFileW
WTSGetActiveConsoleSessionId
ProcessIdToSessionId
LocalAlloc
GetTickCount
GetSystemPowerStatus
VerSetConditionMask
VerifyVersionInfoW
OpenFileMappingW
OpenEventW
HeapFree
GetProcessHeap
HeapAlloc
DeleteFileW
GetModuleFileNameW
CreateEventW
CreateFileMappingW
SleepEx
GetSystemTimeAsFileTime
ReleaseMutex
GlobalFree
CreateThread
WaitForSingleObject
LocalFree
FindResourceW
LoadResource
LockResource
SizeofResource
CreateMutexW
WideCharToMultiByte
GetLastError
MapViewOfFile
WaitForMultipleObjects
UnmapViewOfFile
SetEvent
Sleep
CloseHandle
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GlobalLock
GetStartupInfoA
GlobalUnlock
GetModuleHandleA

user32

ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetWindowTextW
RegisterWindowMessageW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetClassNameW
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
SetFocus
IsWindowEnabled
EqualRect
GetDlgCtrlID
LoadIconW
GetCapture
ReleaseCapture
LoadAcceleratorsW
SetActiveWindow
InvalidateRect
UpdateWindow
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
SetMenu
GetWindow
ShowWindow
IsWindow
EnableWindow
TranslateAcceleratorW
UnregisterClassW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
MessageBoxW
GetWindowThreadProcessId
GetForegroundWindow
IsIconic
SetForegroundWindow
GetParent
GetWindowRect
PtInRect
GetClientRect
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetDC
ReleaseDC
SendMessageW
PostMessageW
KillTimer
SetTimer
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
LoadCursorW
GetSysColorBrush
GetDlgItem
GetWindowDC
BringWindowToTop

gdi32

BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateCompatibleBitmap
SelectObject
DeleteObject
CreateCompatibleDC
GetObjectW
ExtTextOutW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegDeleteKeyW
RegEnumKeyW
GetSecurityDescriptorDacl
SetNamedSecurityInfoW
ImpersonateLoggedOnUser
CreateProcessAsUserW
RevertToSelf
QueryServiceConfigW
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegCreateKeyW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
DragFinish
ShellExecuteW
DragQueryFileW

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SysStringLen
SafeArrayPutElement
SafeArrayCreateVector
VariantChangeType

powrprof

PowerSetActiveScheme
PowerWriteSettingAttributes
PowerEnumerate
PowerGetActiveScheme
PowerWriteACDefaultIndex
PowerWriteDCDefaultIndex
PowerReadACValueIndex
PowerReadACDefaultIndex
PowerWriteACValueIndex
PowerReadDCValueIndex
PowerReadDCDefaultIndex
PowerWriteDCValueIndex

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5538f56c36980abf166fab7815dbcb59

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

shlwapi

ole32

wtsapi32

rpcrt4

iphlpapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

oleaut32

powrprof

userenv

Sections

.text Size: 258KB - Virtual size: 258KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 11KB - Virtual size: 26KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 258KB - Virtual size: 258KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 45KB - Virtual size: 45KB